Anderson, Eric
Li, Jun
2010-03-10T22:33:16Z
2010-03-10T22:33:16Z
2010-03-10T22:33:16Z
http://hdl.handle.net/1794/10255
9 p.
Many network applications (such as swarming downloads,
peer-to-peer video streaming and file sharing) are made possible
by using large groups of peers to distribute and process
data. Securing data in such a system requires not just data
originators, but also those “distributors,” to enforce access
control, verify integrity, or make other content-specific security
decisions for the replicated or adapted data.
In this paper, we introduce the concepts of cooperative policy
enforcement and request type checking, and propose an
implementation framework Q which uses these approaches
to secure data in peer-to-peer systems.
The Q framework associates every data object with relocatable
policy descriptors which distributors can use to determine
whether a request for that object should be granted
and whether a data transfer meets a request. With minimal
changes to the application or the framework, Q can define
and enforce arbitrarily sophisticated policies across a wide
range of applications. Policies can be written to work across
applications, or to include application-specific criteria and
behavior.
We will also discuss integrating Q with several peer-to-peer
applications, including Gnutella, distributed hash tables such
as CAN and Chord, peer-to-peer video streaming, HTTP
swarming and application-level routing.
en_US
Peer-to-peer architecture (Computer networks)
Cooperative Policy Control for Peer-to-Peer Data Distribution
Technical Report